Infisical (Secrets Management)▌
by infisical
Securely manage and access secrets with a bridge to Infisical. Supports secret server solutions like AWS Secrets Manager
Provides a secure bridge to the Infisical secrets management platform, enabling operations like creating, updating, and retrieving secrets without exposing credentials directly
best for
- / DevOps teams managing application secrets
- / Developers needing secure credential storage
- / Teams using Infisical for secrets management
capabilities
- / Create new secrets in Infisical
- / Retrieve existing secrets
- / Update secret values
- / Delete secrets
- / List all secrets in a project
what it does
Connects to Infisical's secrets management platform to create, read, update, and delete secrets securely through API calls.
about
Infisical (Secrets Management) is an official MCP server published by infisical that provides AI assistants with tools and capabilities via the Model Context Protocol. Securely manage and access secrets with a bridge to Infisical. Supports secret server solutions like AWS Secrets Manager It is categorized under auth security, productivity.
how to install
You can install Infisical (Secrets Management) in your AI client of choice. Use the install panel on this page to get one-click setup for Cursor, Claude Desktop, VS Code, and other MCP-compatible clients. This server runs locally on your machine via the stdio transport.
license
Apache-2.0
Infisical (Secrets Management) is released under the Apache-2.0 license. This is a permissive open-source license, meaning you can freely use, modify, and distribute the software.
readme
Infisical Model Context Protocol
The Infisical Model Context Protocol server allows you to integrate with Infisical APIs through function calling. This protocol supports various tools to interact with Infisical.
Setup
Environment variables
In order to use the MCP server, you must first set the environment variables required for authentication.
INFISICAL_UNIVERSAL_AUTH_CLIENT_ID: The Machine Identity universal auth client ID that will be used for authenticationINFISICAL_UNIVERSAL_AUTH_CLIENT_SECRET: The Machine Identity universal auth client secret that will be used for authentication.INFISICAL_HOST_URL: Optionally set a custom host URL. This is useful if you're self-hosting Infisical or you're on dedicated infrastructure. Defaults tohttps://app.infisical.com
To run the Infisical MCP server using npx, use the following command:
npx -y @infisical/mcp
Usage with Claude Desktop
Add the following to your claude_desktop_config.json. See here for more details.
{
"mcpServers": {
"infisical": {
"command": "npx",
"args": ["-y", "@infisical/mcp"],
"env": {
"INFISICAL_HOST_URL": "https://<custom-host-url>.com", // Optional
"INFISICAL_UNIVERSAL_AUTH_CLIENT_ID": "<machine-identity-universal-auth-client-id>",
"INFISICAL_UNIVERSAL_AUTH_CLIENT_SECRET": "<machine-identity-universal-auth-client-secret"
}
}
}
}
Available tools
| Tool | Description |
|---|---|
create-secret | Create a new secret |
delete-secret | Delete a secret |
update-secret | Update a secret |
list-secrets | Lists all secrets |
get-secret | Get a single secret |
create-project | Create a new project |
create-environment | Create a new environment |
create-folder | Create a new folder |
invite-members-to-project | Invite one or more members to a project |
Debugging the Server
To debug your server, you can use the MCP Inspector.
First build the server
npm run build
Run the following command in your terminal:
# Start MCP Inspector and server
npx @modelcontextprotocol/inspector node dist/index.js
Instructions
- Set the environment variables as described in the Environment Variables step.
- Run the command to start the MCP Inspector.
- Open the MCP Inspector UI in your browser and click Connect to start the MCP server.
- You can see all the available tools and test them individually.